* nat
-N KUMA_MESH_INBOUND
-N KUMA_MESH_OUTBOUND
-N KUMA_MESH_INBOUND_REDIRECT
-N KUMA_MESH_OUTBOUND_REDIRECT
-A PREROUTING -p tcp -j KUMA_MESH_INBOUND
-A OUTPUT -p udp --dport 53 -m owner --uid-owner 5678 -j RETURN
-A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 15053
-A OUTPUT -p tcp -j KUMA_MESH_OUTBOUND
-A KUMA_MESH_INBOUND -p tcp -j KUMA_MESH_INBOUND_REDIRECT
-A KUMA_MESH_OUTBOUND -s 127.0.0.6/32 -o lo -j RETURN
-A KUMA_MESH_OUTBOUND -p tcp ! --dport 53 -o lo ! -d 127.0.0.1/32 -m owner --uid-owner 5678 -j KUMA_MESH_INBOUND_REDIRECT
-A KUMA_MESH_OUTBOUND -p tcp ! --dport 53 -o lo -m owner ! --uid-owner 5678 -j RETURN
-A KUMA_MESH_OUTBOUND -m owner --uid-owner 5678 -j RETURN
-A KUMA_MESH_OUTBOUND -p tcp --dport 53 -j REDIRECT --to-ports 15053
-A KUMA_MESH_OUTBOUND -d 127.0.0.1/32 -j RETURN
-A KUMA_MESH_OUTBOUND -j KUMA_MESH_OUTBOUND_REDIRECT
-A KUMA_MESH_INBOUND_REDIRECT -p tcp -j REDIRECT --to-ports 15006
-A KUMA_MESH_OUTBOUND_REDIRECT -p tcp -j REDIRECT --to-ports 15001
COMMIT
